Keeping the lights on


The compliance processes that many United States bulk electric system (utility) owners and operators use to comply with North American Electric Reliability Corporation (NERC) critical infrastructure protection (CIP) standards are not sustainable.

It is possible, however, to create a sustainable NERC CIP program that goes beyond assuring compliance to protect critical infrastructure assets from attacks. Utilities should focus on creating a continuous cycle of activities—or a life-cycle of sustainability—to help overcome challenges.

Utilities invest a great deal of time and energy in interpreting NERC CIP standards and defining the policies, processes, roles and responsibilities, and technical controls that the utilities must implement to assure compliance. In this context, some of the greatest challenges include:

Achieving optimal protection

These steps can lead utilities to a point at which they can maintain compliance and experience business benefits beyond avoiding expensive penalties:

  • Understand where you stand today.

  • Establish a sustainability strategy and governance framework.

  • Establish an actionable plan to build the foundational components of a sustainable program.

  • Begin industrializing key NERC CIP processes.

Benefits of a sustainable NERC CIP program

Utilities can reach a point at which they not only maintain compliance efficiently but also experienced business benefits beyond avoiding expensive penalties and negative publicity. Benefits include:

Advanced security because compliance alone doesn’t equal protection

Attackers routinely breach infrastructures and systems that are 100 percent compliant with regulatory standards. Protecting power grids requires more than regulatory compliance. An advanced approach to operations that spans the entire business is critical. It must take into account the processes, procedures, stakeholders (and their responsibilities), tools and technologies that underpin the NERC CIP program. It also requires the collaboration of physical security and cybersecurity stakeholders and making security intrinsic to every area of utility operations.

Stay In The Know

Receive e-mails from Accenture featuring new content that matches your interests.

Visit the subscription center to make your selections and subscribe to New from Accenture.